Some attackers are harder to kick out and keep out. From a notification letter to a state attorney general’s office by external counsel for Eurasia Group, a consulting firm in New York: In December 2020, Eurasia Group discovered suspicious activity within its email system. Eurasia Group immediately launched an investigation, with the assistance of third-party…
Category: Hack
Brightline continues notifying clients of GoAnywhere incident; count continues to rise (more than 1 million)
Updated May 3: When DataBreaches checked Clop’s leak site today, the listing for Brightline was gone. Whether this means that they paid Clop to get it removed, or if its removal is just temporary remains to be seen. But out of all the health-related Fortra clients this site reported on in April, the Brightline listing…
Ransomware cyberattack continues at Bluefield University
Updated May 3: Avos Locker subsequently added the university to its leak site with a message: “1.2 TB data from a college with cyber insurance policy that doesn’t care about protecting students. Management is a circus attempting to identify breach (good luck) and lying to students and media about the severity. We’ll continue attacking for…
The Untold Story of the Boldest Supply-Chain Hack Ever
Kim Zetter has a fascinating piece on the run-up to the SolarWinds attack. Here’s a snippet: In fact, the Justice Department and Volexity had stumbled onto one of the most sophisticated cyberespionage campaigns of the decade. The perpetrators had indeed hacked SolarWinds’ software. Using techniques that investigators had never seen before, the hackers gained access…
T-Mobile discloses second data breach since the start of 2023
Sergiu Gatlan reports: T-Mobile disclosed the second data breach of 2023 after discovering that attackers had access to the personal information of hundreds of customers for more than a month, starting late February 2023. Compared to previous data breaches reported by T-Mobile, the latest of which impacted 37 million people, this incident affected only 836 customers….
Bits ‘n Pieces (Trozos y Piezas)
CL: Saville Row attacked by BlackCat Saville Row, a Chilean clothing store, was added to BlackCat’s leak site on April 21. Sample files provided by the threat actors included internal Saville Row documents such as invoices and purchase orders. DataBreaches found no notice of any incident on the store’s website or social networks. They did…